[dns-operations] Why roll the KSK? (was Sad news today: systemd-resolved to be deployed in Ubuntu 16.10)
Paul Vixie
vixie at tisf.net
Tue Jun 7 07:52:23 UTC 2016
Stephane Bortzmeyer wrote:
> On Mon, Jun 06, 2016 at 03:06:22PM -0700,
> David Conrad<drc at virtualized.org> wrote
> a message of 86 lines which said:
>
>> Out of curiosity, how is it different than http://keyroll.systems or
>> https://icksk.dnssek.info/fauxroot.html?
>
> Cool experiments. From what I see on their Web site, the big
> difference with Yeti is that the root, in these experiments, is
> entirely managed by one entity. Yeti has three masters and twenty-five
> servers, managed by different organisations
> <http://yeti-dns.org/operators.html>
https://www.youtube.com/watch?v=rSBNT5WKizg
> But it is not a competition. The
> more different experiments, the better.
agreed, although we (i) should do more homework, so as to offer complete references.
--
P Vixie
More information about the dns-operations
mailing list